Slashdot Mirror
Scientists Make Quantum Encryption Breakthrough
Madas writes "Scientists working in Cambridge have managed to make quantum encryption completely secure (registration required) by
putting decoy pulses in the key transmission stream. According to the story this paves the way for safe, encrypted high-speed data links. Could this allow completely private transmission of data away from snooping eyes and ears? Or will it mean film studios can stop movies from being copied when traveling on the internet?"
My girlfriend makes them all the time.
I'll form my OWN solar system! With blackjack! And hookers!
proofyourfuckingheadlines
"You can either have software quality or you can have pointer arithmetic, but you cannot have both at the same time."
... not encryption. Quantum encryption or even computing is as pie in the sky as ever.
Or will it mean film studios can stop movies from being copied when traveling on the internet?
No. Not at all.
Quantum "encryption" foils interception of a data stream. That has nothing to do with copying a file and resending it once it reaches its destination.
You don't really have a girlfriend. But top marks for thinking anybody would ever believe you!
Researchers have managed to close a loophole in quantum cryptography that could allow a hacker to determine a secret key transmitted using the technology.
Working at Toshiba Research Europe in Cambridge, scientists found that laser diodes used to transmit keys used to encrypt data, known as Quantum Key Distribution (QKD), sometimes transmitted more than one photon at a time. Quantum encryption works by transmitting key data as a stream of single photons.
Should an eavesdropper try to intercept the transmission, monitoring a single photon would change the state of that photon, and this would make both ends of the transmission aware that the data had been eavesdropped. However, the laser diodes can sometimes transmit more than one photon and so a hacker could monitor the second photon, leaving the first photon unchanged and this would not alert anyone that the key transmission had been compromised.
But scientists have now added decoy photons to the key data. When an eavesdropper now tries to monitor extra photons, they will also monitor the decoy photons. Scientists said these decoy photons or "decoy pulses" are weaker on average and so very rarely contain two or more photons.
If an eavesdropper attempts a pulse-splitting attack, they will transmit a lower fraction of these decoy pulses than signal pulses. By monitoring the transmission of the decoy and signal pulses separately this type of intervention can be detected, according to scientists.
By introducing decoy pulses, the researcher found that stronger laser pulses could be used securely, increasing the rate at which keys may be sent. By using this method keys could be transmitted securely over a 25km fibre to an average bit rate of 5.5kbits/sec, a hundred-fold increase on previous efforts.
"Using these new methods for QKD we can distribute many more secret keys per second, while at the same time guaranteeing the unconditional security of each," said Dr Andrew Shields, Quantum Information group leader at Toshiba Research Europe. "This enables QKD to be used for a number of important applications such as encryption of high bandwidth data links."
The researchers also discovered a second method to push bit-rates even higher for QKD. The scientists have created the first semiconductor diode that can be controlled with electrical signal input to emit only single photons at a wavelength compatible with optical fibres. This 'single photon source' method eliminates the problem of multi-photon pulses altogether, claimed the research.
The single photon diode has a structure similar to an ordinary semiconductor light emitting diode (LED), but measures just 45 nm in diameter and 10 nm in height. The dot can hold only a few electrons and so can only ever emit one photon at a time at the selected wavelength. The source operates with only electrical signals, which is essential for practical applications such as QKD. Initial trials with the new device, reported recently in the scientific journal Applied Physics Letters, showed the multi-photon rate from the device to be fives times lower than that of a laser diode of the same intensity.
What is the last sentence doing there: "Or will it mean film studios can stop ..."? It's clear from the preceding text that that (i.e., copy while travelling, not copy afterwards) is one of the potential uses. So it's completely redundant. At the same time, the implicature of this particular phrase suggests Something Bad: Big Companies are trying to stop You from your Right To Download, or something akin, implying that these "researchers" have hidden agendas and are enemies of open source, Linux, Ruby, Apache and probably of world peace. That's of course complete and utter nonsense, so the last sentence should have been cut out by the editor. Why didn't that happen? And what's the link to www.absolutegadget.com doing there? Who gains by putting this link on the /. front page?
If you're only protecting the transport from spying eyes (with quantum encryption or whatever), that's only a part of what you need to protect your data.
This is the same reason why many, if not most, "SSL-protected" or "SSH-protected" servers are really sitting ducks: interesting data is still sitting in the clear on the endpoint servers' hard drives. (And don't get me started about "AUTH TLS" email forwarding...)
I've seen summaries with better understanding of technical topics in my local, small town, tabloid newspaper.
Really what nerd approves a summary like that?
Quantum encryption is quite a misleading expression since the quantum mechanics is only used to securely transmit a cryptographic key ... not encrypting the message.
Another can break. So it might be the best... for now.
-- I ignore anonymous replies to my comments and postings.
Ok, what's the weak link here? Is it as bad as plain text or are you just griping about worst case scenarios where space aliens can decrypt our email with their hyper-advanced technology?
The biggest drawback of this technology is not that it is in fact a key distribution method rather than an encryption scheme. It is that, as with pretty much all QKD systems, this only works if you have a continuous fibre-optic cable from one end to the other. That might be fine for linking two embassies or two military facilities but it makes it a bit useless for the Internet.
If intelligent life is too complex to evolve on its own, who designed God?
Now I can make posts on slashdot without anyone being able to read them. Privacy at last!
Or will it mean film studios can stop movies from being copied when traveling on the internet? ;)
They don't get copied during transmission, they get copied/drm-cracked after the other person has recieved it
I am a Cracker!
Why is that sentence there? OK, there is a new type of encryption - but how exactly does that relate to capturing movies while the roam free on the internet?
Is there something I'm missing - perhaps a tubes joke...
:(){
Or perhaps they aren't a nerd at all. I guess any ignorant hack could hastily slap together some crappy "story" or other just to make a few quick bucks. Welcome to Slashdot!
...' Or will it mean film studios can stop movies from being copied when traveling on the internet?" '....
Don't give them any ideas.
submitter is new to teh intarwebs.
'DVD' Jon breaks quantum encryption, APS sues claiming its against the laws of physics.
'Quantum Encryption is about transmitting keys for use in later encryption. Possibly even to the extent of a 'one time pad' for smaller messages. And it is not about hiding or scrambling the key either: it is sent in the clear, or maybe encrypted with something as a token measure. And can be intercepted, too.
It is about _knowing_ that the key was intercepted. If someone eavesdrops it, the receiving end knows it, and can tell the sender "Nope, that one was snaffled, beam me another."
Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
Elsewhere in the comments people have correctly pointed out that it isn't encryption at all and that it is fundamentally incompatible with any router, switch, bridge or even repeater.
There's also the limit of 5.5 kbps, though that might be improved.
The issue that should have killed this idea ten years ago when Shamir pointed it out is that an attacker who has spliced the fiber can read the polarizer without ever looking at a single one of the transmitted photons.
Send the $#$@! key material by bonded courier in a tamper-evident package if it's that important. If for some reason that's not enough then split (e.g. Blakely-Shamir) the key material into shares, send each separately, and recombine when needed.
I do that all the time, and I don't need stinking encryption.
Ræsæarchærs havæ managæd to closæ a loopholæ in quantum cryptography that could allow a hackær to dætærminæ a sæcræt kæy transmittæd using thæ tæchnology. Working at Toshiba Ræsæarch Æuropæ in Cambridgæ, sciæntists found that lasær diodæs usæd to transmit kæys usæd to æncrypt data, known as Quantum Kæy Distribution (QKD), somætimæs transmittæd moræ than onæ photon at a timæ. Quantum æncryption works by transmitting kæy data as a stræam of singlæ photons. Should an æavæsdroppær try to intærcæpt thæ transmission, monitoring a singlæ photon would changæ thæ statæ of that photon, and this would makæ both ænds of thæ transmission awaræ that thæ data had bææn æavæsdroppæd. Howævær, thæ lasær diodæs can somætimæs transmit moræ than onæ photon and so a hackær could monitor thæ sæcond photon, læaving thæ first photon unchangæd and this would not alært anyonæ that thæ kæy transmission had bææn compromisæd. But sciæntists havæ now addæd dæcoy photons to thæ kæy data. Whæn an æavæsdroppær now triæs to monitor æxtra photons, thæy will also monitor thæ dæcoy photons. Sciæntists said thæsæ dæcoy photons or "dæcoy pulsæs" aræ wæakær on aværagæ and so væry raræly contain two or moræ photons. If an æavæsdroppær attæmpts a pulsæ-splitting attack, thæy will transmit a lowær fraction of thæsæ dæcoy pulsæs than signal pulsæs. By monitoring thæ transmission of thæ dæcoy and signal pulsæs sæparatæly this typæ of intærvæntion can bæ dætæctæd, according to sciæntists. By introducing dæcoy pulsæs, thæ ræsæarchær found that strongær lasær pulsæs could bæ usæd sæcuræly, incræasing thæ ratæ at which kæys may bæ sænt. By using this mæthod kæys could bæ transmittæd sæcuræly ovær a 25km fibræ to an aværagæ bit ratæ of 5.5kbits/sæc, a hundræd-fold incræasæ on prævious æfforts. "Using thæsæ næw mæthods for QKD wæ can distributæ many moræ sæcræt kæys pær sæcond, whilæ at thæ samæ timæ guarantææing thæ unconditional sæcurity of æach," said Dr Andræw Shiælds, Quantum Information group læadær at Toshiba Ræsæarch Æuropæ. "This ænablæs QKD to bæ usæd for a numbær of important applications such as æncryption of high bandwidth data links." Thæ ræsæarchærs also discoværæd a sæcond mæthod to push bit-ratæs ævæn highær for QKD. Thæ sciæntists havæ cræatæd thæ first sæmiconductor diodæ that can bæ controllæd with ælæctrical signal input to æmit only singlæ photons at a wavælængth compatiblæ with optical fibræs. This 'singlæ photon sourcæ' mæthod æliminatæs thæ problæm of multi-photon pulsæs altogæthær, claimæd thæ ræsæarch. Thæ singlæ photon diodæ has a structuræ similar to an ordinary sæmiconductor light æmitting diodæ (LÆD), but mæasuræs just 45 nm in diamætær and 10 nm in hæight. Thæ dot can hold only a fæw ælæctrons and so can only
I just love to play the piano. I am so glad William encouraged me through it all. -- Joyce, final words.
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
The process obviously won't stop copying material but my question is could the same or a similar technology be used to create a dedicated display screen? Let's say with quantum entangled particles as an example you directly drove a screen from a linked source. For every screen manufactured a dedicated chip was loaded into the system linked to your display device. No lines would be needs to transmit the data but like a traditional TV reciever there would be no signal to tap it simply drives the screen. You order your content on demand and there's nothing to record so no piracy but if it was a one time purchase situation you wouldn't have to worry about lost, damaged or degraded media. It would solve most of the complaints except for those wanting free material. It would eliminate a lot of the distribution issues and end the dependence on satelites. No more screwed up signals when there's a lot of solar activity. Granted we're talking decades away but there is a potential for secured storage and distribution of media.
If your karma is listed as excellent, your posts start on 2. If you choose them to. Too. Choo choo.
(Maybe I should have AC'd this one!)
Prediction for end of Universe #42: Fencepost error in Quantum_bogosort.cpp
Problem with what is today called qc is that it is not cryptography, it is a safe signing algorithm.
So what if the eavesdropper makes the communication impossible just tainting each and every bit? As they are not safe, they are deemed worthless and the message needs to be re-sent...
This seems to me the problem. You have not built a safe channel, you have built an eavesdropper-aware channel, which is not the same.
Calling it "Quantum Encryption" just confuses what it is and how it works. Calling it "Quantum Key Exchange", would be a lot more accurate.
Actually, quantum encryption and computing are different things.
Quantum encryption is, well, basically nothing about using quantum mechanics to _encrypt_, but to send the key (and maybe the data too). The idea is that you send single photons. So basically if someone tapped into the line, you can't split the photon and get only a bit of the signal. Either you get it or the endpoint gets it, but not both. It makes man-in-the-middle attacks a bit harder. In fact, it claims to make it outright impossible.
Since the whole idea here is to elliminate the possibility for a man in the middle, intrusion detection is something valuable. Mind you, if the sending single photons was as un-interceptable as originally claimed, intrusion should be simply not possible, so I'm a bit stumped as to why would they want to detect something impossible. Maybe they know something we don't about how impossible it really is? (E.g., come to think of it, a laser kind of device inserted on the line could multiply that original photon thousands of times, all the clones having the exact same phase, polarisation, whatever.)
It may be pie-in-the-sky, I don't know, but at least it's one of those sane ideas that aren't too impossible to understand even for the layman. The only "quantum" thing about it is that you send individual quanta of light, i.e., photons. Since it's only one and it's indivisible, only one endpoint can get it. All simple and sane, IMHO.
Quantum computing, on the other hand, I don't know... there must be some sane researchers out there who know what they're doing, no doubt. But the media and marketting hype has drowned it all in so much bullshit it could fertilize a few acres, so from the layman (even with a decent grasp of physics and computing) point of view, it's hard to even tell what it would _really_ do, how it would work at all, and how would it be useful at all.
I've even seen such bullshit claims like that it basically holds all possible states at the same time, so it can calculate anything instantly, since the solution state is already one it simultaneously holds. Which is blatantly bull. If it simply holds all possible states at the same time, that's as good as saying that it has no state at all, or you can't measure it. To get an answer out of the computer, you need to get out of it a particular state which represents the result of the calculation. By that logic I could give you a CD with all possible 4 million DWORD (4 byte, 32 bit) values, from -2 million to 2 million, one of which is the result to your problem. There you go, any problem that has a DWORD result already has the result on that CD, so it was "calculated" instantly. Isn't it an impressive feat? I don't even know your problem, but that CD already has the result to it. It's also completely freakin' useless, if you don't know which one of them. That CD as such holds no more actual usable information that that it's a 32 bit number, which you knew in the first place.
Not saying that that's what the actual researchers study, but that's the kind of bogus info that you see from the outside. It's damn hard to tell if it's actually something that might work, or just snake oil to get a clueless VC's money. On par with extracting free energy out of water, the Infinium console, and other such fine con schemes that some people actually dumped millions into.
The only sorta working quantum implementations so far, are basically not even as much quantum computers as hyped, as glorified analog computers. The thing about quantum mechanics is that 99% of it are probabilities.
As some trivial examples, you can't tell for example exactly where an electron is in a potential well (e.g., in a CMOS transistor), or in some cases even if it is still in the potential well or it's out of it already, but you can calculate a probability cloud of, basically, what are the chances of it being in this particular point. Or if you do interference with electrons (think the school physics experiment with shining a light through two thin slots, o
A polar bear is a cartesian bear after a coordinate transform.
I don't see how this bandwidth is a problem for secure key exchange.
Isn't the point of this to make it practical to utilize high bandwidth yet unsecured connections to send heavily encrypted data? Even when changing the key very frequently, the secure quantum channel should be more than fast enough.
It's just like satellite TV encryption. The data stream can be received with zero chance of detection anywhere within the satellite's footprint: even less secure than sending data over the internet. By having a seperate secure* key distribution stream, they can get away with this without massive piracy. In this case, this "stream" is the physical transfer of smart cards with keys stored on them.
* The problem is, it's not secure. Since the physical distribution of keys via smart card is so slow, the video decryption keys are sent encrypted over the high bandwidth yet unsecured satellite connection along with the video stream. The card uses its key to decrypt the video key, which is then sent back to the satellite receiver to decrypt the video stream. Since the receiver is ultimately less tamper-resistant than the smart card, and it could be possible to extract a video key from its RAM while running, this allows the video key to be changed every few seconds, making distribution of current keys to others useless. While this sounds good, the cards are not as tamper-proof as they'd like to be, and the expense of constantly swapping all customers' cards to new ones with fixes creates a legacy loophole. Combine this with an intrinsic inability to keep hackers from physically accessing all needed decryption hardware and no means to detect their hacks remotely, and it makes this method of key distribution very insecure against determined individuals. With good quantum connections, all these problems are avoided.
Assuming the receiving mail server has a correctly signed certificate, it is practically impossible to intercept the mail in transit from one server to another. The catch it, the encrypted path is not guaranteed from end-to-end. If I send you an email, I will send it over a TLS connection to my mail server. It will then send it to your mail server (identified by MX), which may then forward it for several hops before it actually reaches you. I have no way of guaranteeing that the connection is secure beyond the first hop (my laptop to my mail server). Anything else might be no better than plain text because it might be plain text. If you want secure email, you need to use some kind of end-to-end encryption such as PGP and make sure you exchange keys over a secure out-of-band channel. Or, you can just accept that email isn't secure.
I am TheRaven on Soylent News
WAIT!!! don't click on the link, it will change the outcome!!!
I have ridden the mighty moon worm!
" quantum encryption completely secure (registration required) " - that would be quantum registration then ? :-)
So was there too much irony in my post? In your terms: bad editting means the readers lose, which could (eventually) drive them away from Slashdot, by which nobody would gain anything.
They're intentionally sending MANY photons, to get a stronger signal, to improve the data rate. So they're not using "quantum" anything. They're also adding a bunch of decoy photons, to confuse the evesdroppers.
Nothing at all new here, move on...
Scientist Makes ......, in the case of one scientist singular or Scientists Make in the case of several or many scientists plural.
I hate to split hairs, but this is _not_ steganography. There is a subtle difference.
This is not hiding the existance of the message. It is simply obfuscating it with the decoy photons. It is still obvious that a message is being sent.
Steganography is hiding the very existance of the message, such as the ancient example of shaving a slave's head, tatooing the message on his bald scalp, waiting for the hair to regrow, and then sending the slave to the recipient of the message. To any outsider the slave was just (most likely) one of several slaves moving with some other people from one place to another.
At the destination the slave's head would be shaved again and the message revealed. Unfortunately, this usually would also result in the slave being killed to prevent the secret method from ever being revealed.
Thus, this "quantum encryption" is not steganography, but two things: a method to prevent reading of a message by way of quantum mechanics and a method of obfuscating (e.g. chaffing) a message.
(background - I have a Ph.D. in infosec and AI)
That really depends on who you ask. 100 years is definitely a pessimistic claim. That said, I'm fairly pessimistic, too.
Ben Hocking
Need a professional organizer?
Besides, the technology isn't the real issue anyhow. It is the people at both ends that have access to the data. They are the real problem with keeping stuff secret.
Quantum encryption break through and I click on the story and see a video still of someone giving someone else a huge wedgie. That's not the quantum encryption break through I was hoping for.
You know why? Because the people you want to protect the content from are the same people you want to sell the content to.
Make it easily available through normal means and piracy will go down.
I'm in the hole of the broadband donut.
Isn't another downside of Quantum encryption the fact that it might render military intelligence unable to decrypt enemy messages? Quite a few wars/battles have been won by decrypting key enemy communications to find out troop, supply, and critical target locations. As well, giving false information to trap the enemy has been used many times.
It's a little better than plain text, but if you can get an agent on a mail server that sends or receives mail (or just break in and take the current contents), your transport encryption buys you nothing. In other words, the messages sent over AUTH TLS are still stored in the clear "at rest" on the hard drive (shudder).
If you want to get serious about encryption in email,you should probably be checking out SMIME (or at least PGP)...
Just inject continous noise into the system.
Makes the whole thing useless.
In reality, attackers will follow the path of least resistance. In my opinion there is really no reason to have perfect encryption if other aspects of security are so laughable. Even running linux I don't feel truly secure. I have never read the source code for the programs I run. At this point in time, to me, computers are black boxes filled with 'programs' doing 'something', and until it is completely transparent exactly what my computer is doing, I won't feel secure. these things I require include: Always on and visible packet sniffer. complete disk and memory map always available. completely contained boot sequence that can be checked manually for correctness, and automatically against a hash to detect changes. Secure path to OS. This is a short list of what I need to feel secure.
-John Fenley
I'm always amused by slashdot's fascination by quantum encryption. Unless I'm mistaken, it's only of any use if you have line of site with the machine at the other end of your communication channel, via satellite or fiber optic cable. And unless I'm mistaken, I don't think that applies to any of us... Yes, it's interesting, but in reality, the only beneficiary is secure government or inhouse corporate communications.
It doesn't stand to benefit ecommerce unless every link in the communication is trusted, and it certainly doesn't benefit our privacy, unless you can afford to lay down a fiber cable from your home or office directly to the person you want to communicate with.
You're not going to see a quantum encryption algorythm to run on your desktop computer and send secure emails to your buddies. It's just now how it works.
Correct me if i'm wrong, please!
Hm, decoy pulses. Sounds like security through obscurity to me.
/before/ peer review and I'm not willing to even look at it until then - not exactly the science mentality to publish /before/ review IMO).
I'll just wait till this actually gets peer reviewed (I'm assuming this as pretty much every "break through" has be broadcasted
Basically, let me know when the article shows up in something like PhysRef. NOT when it's on some newspaper's website.
My personal favorite tags occur whenever the headline poses a question. Inevitably, you get both "Yes" and "No" tags and if you are truly lucky a "Maybe" tag might be thrown in as well. Talk about useless tags.
As any geek worth its salt should know, "Security" has three essential and intertwined aspects: Integrity: will the data remain the same and be only changed when and how it should be; Accessibility: will the data stay accessible by those who should have access; and Privacy: will the data stay inaccessible to those who should not have access.
This technique is intended to preserve Privacy, and possibly may help with Integrity; however, quantum cryptography gives no benefits to Accessibility aspects of security. If I cut your fiber lines, your message is no longer accessible. It's that simple.
//Information does not want to be free; it wants to breed.
Dogbert patents Television Static and sells his "video library" to Dilbert's company.
Now some business majors discover quantum white noise and use it as "decoy pulses".
Now friends ..gather round for thIS one: Some scientists dream up a thing called 'Quantum Computing' , which includes "Totally SECURE' methods!!
.. what to we find??? We find that the same sequence of events is occurring before our eyes in THIS field as hav occurrd in the DRM world!!
..as it always has!
so
I didnt hear of any 'quantum vulnerability' before thiS lil announcement! Of course, they did manage to 'fix what was impossible to break' before telling us it was broken!!
Sooo.. naturally, we gotta wonder where is the nEXT 'security flaw' in the quantum world!
time will tell
"There are 11 kinds of people: those who know binary, those who don't, and those who could not care less!"
unless someone invents some sort of video-recording device, something with a light sensor, perhaps.
Send email from the afterlife! Write your e-will at Dead Man's Switch.
Well, if anyone ever invented something like what you describe, it would be a very useful thing indeed. However, to the best of my knowledge even that is one thing that quantum computing hasn't (yet) been hyped as capable of doing. Not in the form you describe, anyway. Yes, we'd all love such an insanely parallel machine, but it's not going to happen like that, and not as a quantum computer.
For starters, a set of qubits can hold a lot of information, basically some analog numbers, but it doesn't automatically implement any set of arbitrary constraints at them. Pretty much the only constraint you get, so to speak, for free, is that the sum of all those numbers must be 1. They're probabilities to be in any given state, and the total probability must be 1. That's it.
Second, it really just holds a probability, _not_ all the possible states. Changing the state pretty much means shifting some of the probabilities around. So if you're hoping to actually hold and compute all possible solutions there simultaneously, you'll probably be in for a bit of a disappointment.
Even if you assigned one of those probabilities to one possible solution, it's like saying that you assign every bit in the CPUs registers to whether or not one particular possible solution is correct or not. Just because you can assign some meaning to a bit, doesn't mean you get that for free. You still have to figure out an algorithm that actually changes all those bits to the right values. Or in the case of quantum computers, which shifts the probabilities just right.
Third, the problem anyway would be, basically, implementing those constraints anyway. If you actually wanted to get them for free, you'd have to pretty much design a mollecule which automatically enforces them. To the best of my knowledge, noone ever proposed (seriously) doing that, but if you wanted to, that's what it would mean. For the sieve, you'd have to figure a system where basically if the "bit" for 2 is set, then the "bits" for 4, 6, 8, etc, inherently can't be set. It's a more complicated thing than it sounds.
Fourth, the problem so far is scaling. So far the best anyone ever produced is a 7 qubit mollecule that's just about useful enough to factor 15 into 3*5. But the problems grow through the roof as you want to make systems with more qubits, because it becomes insanely more difficult to set and read the status of all of them, and to design a mollecule which actually acts that way. The problem isn't just having the silicon or budget for an extra bit, like in normal computer, but pretty much involves inventing something completely new that can possibly work like that. It took years to even get the one that factors 15.
Fifth, scaling in the other direction: you have a very short time after which the system goes decoherent. Basically you have to figure out an EM pulse that sets the spin probabilities just right, but the system starts pretty much immediately to goes out of whack on its own. Each mollecule in that solution starts doing its own thing and electrons are randomly flipping on their own. For a very short time it means you just lose a (very) little precision on the analog numbers represented, but any longer and it's as good as a random number. So basically if your whole algorith didn't end in that time, tough shit, you're out of luck. Don't think QC will solve too complex problems for you any time soon.
Sixth, well, just because some mathematicians designed a language for something, doesn't mean by far that it actually exists. Mathematicians are very smart people, and unlike physics maths isn't tied as such to the natural world. You can build a maths theory around anything. A lot of them aren't even supposed to represent an actual body in the real world, but some very particular way to calculate something. E.g., as the most trivial example, there are n-dimensional geometries, but that doesn't mean you'll be able to actually build a 6-dimensional cube in the real world any time soon. Those geometries are supposed to model other kinds
A polar bear is a cartesian bear after a coordinate transform.
While using decoy-state in quantum key distribution is a fairly new (from 2003 by Hwang) and useful idea, the fact that the Toshiba guys have implemented it is hardly a breakthrough. They are not even the first to do it. A group in Toronto did it more than a year ago (http://www.arxiv.org/abs/quant-ph/0601168).
Second, the decoy state method doesn't improve the level of security (it can be secure without using decoy), but the distance and rate at which one can do secure key distribution improves greatly.
Third, scientists have known since the early days of the laser that laser diodes sometimes emit a variable number of photons (for those of you who know statistics, the photon number in a pulse is random with a Poissonian distribution). This has been taking into account when making security proofs.
Except from those points, the article is not too far from the truth. Using decoy states in quantum key distribution is a very nice idea. Using it requires one extra component, a variable attenuator, and a software update. And the typical secure distance is increased tenfold (from ~10 km to ~100 km) to almost the same distance one would have for a single photon source.
Network security systems that rely on the laws of quantum mechanics to create hack-proof networks are arriving in the form of practical products that are easily integrated into optical networks. The revamped system produces and distributes public keys in real-time. Use of the Nitrox encryption processors makes it possible to implement a virtual private network using standard IPsec protocols and an unhackable key distribution system. Secret keys for one-time functions let only the receiver decrypt the scrambled bits, but in practice even the most secret key can be found by a supercomputer using trial and error. In contrast, quantum cryptography is secure no matter how fast a hacker's computer is because the technique harnesses the laws of physics to guarantee security.
Anyway the first thing you should never do in security is say "this is completely secure".
And how did the summary make the link from "completely private transmission of data" to DRM? It just highlights the fatal problem with DRM - even if we had quantum security, there'd be no way to make bits not copyable.